Flux RSS

More than a decade since the 2015 Jeep hack, the cybersecurity of vehicles remains of the utmost importance.

Threats actors pounced on the code injection vulnerability within hours of its disclosure, demonstrating that organizations have little time to address critical bugs.

World Leaks is a cyber extortion operation that steals sensitive data from organizations and threatens to leak it via the dark web if a ransom is not paid. Read more in my article on the Fortra blog.

Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by AI-generated code

Attackers rapidly exploited a critical Oracle WebLogic RCE flaw the same day exploit code was released, according to a CloudSEK honeypot study

Organizations repeatedly expose ports, reuse passwords, and skip patches, creating security gaps that attackers exploit for breaches. An industry veteran outlines ways to fix these common mistakes.

EtherRAT hides C2 in Ethereum smart contracts via EtherHiding, steals wallets and credentials

AI models often hallucinate or make costly mistakes when tasked with recommending software versions, upgrade paths, and security fixes — leading to significant technical debt.

PwC Annual Threat Dynamics report says AI-threats are the biggest concern of clients

OpenAI’s Safety Bug Bounty program seeks to address AI safety vulnerabilities beyond traditional security flaws

Third-party resellers and brokers foil transparency efforts and allow spyware to spread despite government restrictions, a study finds.

A disgruntled data analyst decides that the best response to losing his contract is to steal the entire company payroll database and demand $2.5 million in Bitcoin - signing his extortion emails from a company called "Loot." Meanwhile, two people drive up to the entrance of the UK's nuclear submarine base at Faslane and politely ask if they can have a look around. Tourists? Spies? Something in between? All this and more in episode 460 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Jenny Radcliffe.

Halcyon and Beazley Security track the return of Iranian ransomware group Pay2Key

The National Crime Agency has warned construction firms about surging invoice fraud

Commission preliminarily finds Pornhub, Stripchat, XNXX and XVideos in breach of the Digital Services Act for allowing minors to access their services Anonymous (not verified) Thu, 03/26/2026 - 09:39 The European Commission preliminarily found Pornhub, Stripchat, XNXX and XVideos in breach of the Digital Services Act (DSA) for failing to protect minors from being exposed to pornographic content on their services. In exercising their right of defence, XVideos, XNXX, Pornhub and Stripchat now have the possibility to examine the documents in the Commission's investigation files and reply in writing to the Commission's preliminary findings. Read the full press release and find further information about the: Digital Services Act - main aspects of the regulation User rights under the Digital Services Act - an overview Protecting and empowering young people online Supervision of the designated very large online platforms and search engines under DSA Related topics Better Internet for Children Strengthening trust and security Online platforms and e-commerce DSA - Digital Services Act {"service":"share","version":"2.0","color":true,"networks":["x","facebook","linkedin","email","more"]}

Commission investigates Snapchat's compliance with child protection rules under the Digital Services Act Anonymous (not verified) Thu, 03/26/2026 - 09:39 The European Commission has opened formal proceedings to investigate if Snapchat is ensuring a high level of safety, privacy and security for children online, in compliance with the Digital Services Act (DSA). Snapchat may have breached the DSA by exposing minors to grooming attempts and recruitment for criminal purposes, as well as to information about the sale of illegal goods, like drugs, or age-restricted products, such as vapes and alcohol. The investigation will focus on five areas. Read the full press release and more information about the Commission services and Dutch Digital Services Coordinator joint investigation. Find further information about the: Digital Services Act- main aspects of the regulation User rights under the Digital Services Act- an overview Protecting and empowering young people online Supervision of the designated very large online platforms and search engines under DSA Related topics Better Internet for Children Strengthening trust and security Online platforms and e-commerce DSA - Digital Services Act {"service":"share","version":"2.0","color":true,"networks":["x","facebook","linkedin","email","more"]}

While US government sits out this year, EU officials are on the ground in San Francisco leading the conversations on today's top cybersecurity challenges.

Cloud Android phones fuel financial fraud, evading detection and enabling dropper accounts

Publicly accusing an entity of a cyberattack could have negative consequences that organizations should consider before taking the plunge.

Cybersecurity company’s annual report issues warning over a “mass-marketed impersonation crisis” over attackers abusing legitimate credentials